freshservice-automation
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill possesses an attack surface for indirect prompt injection. 1. Ingestion points: The skill retrieves ticket subjects and descriptions via FRESHSERVICE_GET_TICKET in SKILL.md. 2. Boundary markers: There are no explicit delimiters or 'ignore embedded instruction' warnings provided. 3. Capability inventory: The skill has write capabilities including FRESHSERVICE_BULK_UPDATE_TICKETS and FRESHSERVICE_CREATE_TICKET_OUTBOUND_EMAIL. 4. Sanitization: No sanitization or escaping of ingested ticket data is mentioned.
- External Service Dependency (SAFE): The skill utilizes an external MCP server at https://rube.app/mcp. While this is an untrusted external source, it is the intended primary configuration for the skill's functionality.
Audit Metadata